Skip Menu |
 

Date: Tue, 23 Jan 2007 21:50:40 +0100
From: Jeffrey Altman <jaltman@secure-endpoints.com>
To: kfw-bugs@mit.edu
Subject: pismere kinit must be updated for krb5 1.6
Download smime.p7s
application/x-pkcs7-signature 3.2KiB

Message body not shown because it is not plain text.

the krb5 kinit added calls to krb5_get_error_message() which takes as
input a krb5_context. This context is used to provide access to data
detailing the state of the library at the time of the most recent
error. This is then used for enhanced error messages.

The pismere version of kinit must be updated to do the same.
*** \src\kerberos\mit-cvs\pismere\athena\auth\krb5-1-4\src\clients\kinit\kinit.c Sat Jul 22 06:03:26 2006
--- kinit.c Thu Jun 29 21:20:55 2006
***************
*** 27,32 ****
--- 27,33 ----
* Initialize a credentials cache.
*/

+ #include "autoconf.h"
#include <krb5.h>
#ifdef KRB5_KRB4_COMPAT
#include <kerberosIV/krb.h>
***************
*** 37,42 ****
--- 38,44 ----
#include <string.h>
#include <stdio.h>
#include <time.h>
+ #include <com_err.h>

#ifdef GETOPT_LONG
#include <getopt.h>
***************
*** 209,215 ****
USAGE_BREAK_LONG
"[-p | -P" USAGE_LONG_PROXIABLE "] "
USAGE_BREAK_LONG
! "[-A" USAGE_LONG_ADDRESSES "] "
USAGE_BREAK
"[-v] [-R] "
"[-k [-t keytab_file]] "
--- 211,217 ----
USAGE_BREAK_LONG
"[-p | -P" USAGE_LONG_PROXIABLE "] "
USAGE_BREAK_LONG
! "[-a | -A" USAGE_LONG_ADDRESSES "] "
USAGE_BREAK
"[-v] [-R] "
"[-k [-t keytab_file]] "
***************
*** 256,261 ****
--- 258,264 ----
ULINE("\t", "-F not forwardable", OPTTYPE_KRB5);
ULINE("\t", "-p proxiable", OPTTYPE_KRB5);
ULINE("\t", "-P not proxiable", OPTTYPE_KRB5);
+ ULINE("\t", "-a include addresses", OPTTYPE_KRB5);
ULINE("\t", "-A do not include addresses", OPTTYPE_KRB5);
ULINE("\t", "-v validate", OPTTYPE_KRB5);
ULINE("\t", "-R renew", OPTTYPE_BOTH);
***************
*** 268,273 ****
--- 271,288 ----
exit(2);
}

+ static krb5_context errctx;
+ static void extended_com_err_fn (const char *myprog, errcode_t code,
+ const char *fmt, va_list args)
+ {
+ const char *emsg;
+ emsg = krb5_get_error_message (errctx, code);
+ fprintf (stderr, "%s: %s ", myprog, emsg);
+ krb5_free_error_message (errctx, emsg);
+ vfprintf (stderr, fmt, args);
+ fprintf (stderr, "\n");
+ }
+
static char *
parse_options(argc, argv, opts, progname)
int argc;
***************
*** 281,287 ****
int use_k5 = 0;
int i;

! while ((i = GETOPT(argc, argv, "r:fpFP54AVl:s:c:kt:RS:v"))
!= -1) {
switch (i) {
case 'V':
--- 296,302 ----
int use_k5 = 0;
int i;

! while ((i = GETOPT(argc, argv, "r:fpFP54aAVl:s:c:kt:RS:v"))
!= -1) {
switch (i) {
case 'V':
***************
*** 316,322 ****
opts->not_proxiable = 1;
break;
case 'a':
- /* Note: This is supported only with GETOPT_LONG */
opts->addresses = 1;
break;
case 'A':
--- 331,336 ----
***************
*** 494,499 ****
--- 508,514 ----
com_err(progname, code, "while initializing Kerberos 5 library");
return 0;
}
+ errctx = k5->ctx;
if (opts->k5_cache_name)
{
code = krb5_cc_resolve(k5->ctx, opts->k5_cache_name, &k5->cc);
***************
*** 591,596 ****
--- 606,612 ----
krb5_cc_close(k5->ctx, k5->cc);
if (k5->ctx)
krb5_free_context(k5->ctx);
+ errctx = NULL;
memset(k5, 0, sizeof(*k5));
}

***************
*** 1098,1103 ****
--- 1114,1121 ----
memset(&k5, 0, sizeof(k5));
memset(&k4, 0, sizeof(k4));

+ set_com_err_hook (extended_com_err_fn);
+
parse_options(argc, argv, &opts, progname);

got_k5 = k5_begin(&opts, &k5, &k4);
Checking in kdestroy/kdestroy.c;
/cvs/pismere/pismere/athena/auth/kuser/kdestroy/kdestroy.c,v <--
kdestroy.c
new revision: 1.8; previous revision: 1.7
done
Checking in kinit/kinit.c;
/cvs/pismere/pismere/athena/auth/kuser/kinit/kinit.c,v <-- kinit.c
new revision: 1.14; previous revision: 1.13
done
Checking in klist/klist.c;
/cvs/pismere/pismere/athena/auth/kuser/klist/klist.c,v <-- klist.c
new revision: 1.17; previous revision: 1.16
done